Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-15779
A Path Traversal issue exists in the socket.io-file package up to and including 2.0.31 for Node.js. The socket.io-file::createFile message uses path.join with ../ in the name option, and the uploadDir and rename options determine the path.
Socket.io-file Project Socket.io-file
7.8
CVSSv3
CVE-2020-24807
The socket.io-file package up to and including 2.0.31 for Node.js relies on client-side validation of file types, which allows remote malicious users to execute arbitrary code by uploading an executable file via a modified JSON name field. NOTE: This vulnerability only affects pr...
Socket.io-file Project Socket.io-file
6.5
CVSSv3
CVE-2016-0361
IBM General Parallel File System (GPFS) 3.5 prior to 3.5.0.29 efix 6 and 4.1.1 prior to 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstra...
Ibm General Parallel File System 3.5.0.9
Ibm General Parallel File System 3.5.0.7
Ibm General Parallel File System 4.1.0.1
Ibm General Parallel File System 3.5.0.16
Ibm General Parallel File System 3.5.0.11
Ibm General Parallel File System 3.5.0.3
Ibm General Parallel File System 3.5
NA
CVE-2008-7027
Libra File Manager 1.18 and previous versions allows remote malicious users to bypass authentication and gain privileges by setting the user and pass cookies to 1.
Libra File Manager Php Filemanager
Libra File Manager Php Filemanager 1.03
Libra File Manager Php Filemanager 1.08
Libra File Manager Php Filemanager 1.05
Libra File Manager Php Filemanager 1.17
Libra File Manager Php Filemanager 1.0
1 EDB exploit
NA
CVE-2008-4319
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and previous versions allows remote malicious users to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters i...
Libra File Manager Php Filemanager 1.05
Libra File Manager Php Filemanager 1.08
Libra File Manager Php Filemanager
Libra File Manager Php Filemanager 1.17
Libra File Manager Php Filemanager 1.00
Libra File Manager Php Filemanager 1.03
1 EDB exploit
3.3
CVSSv3
CVE-2017-1654
IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. IBM X-Force ID: 133378.
Ibm Spectrum Scale 5.0.0.0
Ibm Spectrum Scale
Ibm General Parallel File System 4.1.0.0
Ibm General Parallel File System 4.1.0.1
Ibm General Parallel File System 4.1.0.2
Ibm General Parallel File System 4.1.0.4
Ibm General Parallel File System 4.1.0.6
Ibm General Parallel File System 4.1.0.7
Ibm General Parallel File System 4.1.0.8
Ibm General Parallel File System 4.1.0.3
Ibm General Parallel File System 4.1.0.5
8.8
CVSSv3
CVE-2022-25023
Audio File commit 004065d exists to contain a heap-buffer overflow in the function fouBytesToInt():AudioFile.h.
Audio File Project Audio File 1.1.0
8.1
CVSSv3
CVE-2019-6447
The ES File Explorer File Manager application up to and including 4.1.9.7.4 for Android allows remote malicious users to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has be...
Estrongs Es File Explorer File Manager
16 Github repositories
7.5
CVSSv3
CVE-2020-23040
Sky File v2.1.0 contains a directory traversal vulnerability in the FTP server which allows malicious users to access sensitive data and files via 'null' path commands.
Sky File Project Sky File 2.1.0
4.6
CVSSv3
CVE-2020-23058
An issue in the authentication mechanism in Nong Ge File Explorer v1.4 unauthenticated allows to access sensitive data.
File Explorer Project File Explorer 1.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »